package com.tenbent.product.center.token.action;

import com.tenbent.product.base.utils.XMLUtil;
import com.tenbent.product.center.token.dto.AccessTokenDto;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

import javax.servlet.http.HttpServletRequest;

/**
 * 应用授权管理后获取token和刷新token的API
 *
 * Created by ThinkPad on 2017/10/19.
 */
@RestController
@Api(description = "获取授权 token 相关接口文档")
public class OauthTokenController {

	private static final Logger logger = LoggerFactory.getLogger(OauthTokenController.class);

	public static class Url {
		public static final String oauthToken = "/ten_bent/oauth/token";
		public static final String refreshToken = "/ten_bent/refresh/token";
	}

	@Autowired
	private RestTemplate restTemplate;

	@RequestMapping(value = Url.oauthToken, method = {
			RequestMethod.POST }, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
	@ApiOperation(value = "获取授权token", notes = "获取授权token", response = String.class)
	public AccessTokenDto authToken(
			@ApiParam(name = "name", value = "授权人名称", required = true) @RequestParam(name = "name", required = true) String name,
			@ApiParam(name = "password", value = "授权人密码(非明文)", required = true) @RequestParam(name = "password", required = true) String password,
			HttpServletRequest req) {

		String url = getPath(req) + "/oauth/token?grant_type=password&username={1}&password={2}";
		HttpEntity<String> entity = new HttpEntity<>(null, getBasicAuthHeaders());
		ResponseEntity<String> responseEntity = restTemplate.postForEntity(url, entity, String.class, name, password);
		String body = responseEntity.getBody();
		logger.info(" token json ----> {}", body);
		AccessTokenDto accessTokenDto = (AccessTokenDto) XMLUtil.convertXmlStrToObject(AccessTokenDto.class, body);
		return accessTokenDto;
	}

	@RequestMapping(value = Url.refreshToken, method = {
			RequestMethod.POST }, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
	@ApiOperation(value = "刷新授权token", notes = "刷新授权token", response = String.class)
	public AccessTokenDto refreshToken(
			@ApiParam(name = "refresh_token", value = "要刷新的token", required = true) @RequestParam(name = "refresh_token", required = true) String refresh_token,
			HttpServletRequest req) {

		String url = getPath(req) + "/oauth/token?grant_type=refresh_token&refresh_token={1}";
		HttpEntity<String> entity = new HttpEntity<>(null, getBasicAuthHeaders());
		ResponseEntity<String> responseEntity = restTemplate.postForEntity(url, entity, String.class, refresh_token);
		String body = responseEntity.getBody();
		logger.info(" token json ----> {}", body);
		AccessTokenDto accessTokenDto = (AccessTokenDto) XMLUtil.convertXmlStrToObject(AccessTokenDto.class, body);
		return accessTokenDto;
	}

	private HttpHeaders getBasicAuthHeaders() {
		HttpHeaders headers = new HttpHeaders();
		headers.setContentType(MediaType.APPLICATION_JSON);
		headers.set("Authorization", "Basic bXktdHJ1c3RlZC1jbGllbnQ6c2VjcmV0");
		return headers;
	}

	private String getPath(HttpServletRequest req) {
		return "http://" + req.getServerName() + ":" + req.getServerPort();
	}

}
